Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5.4
CVSSv3

CVE-2021-32644

Published: 22/06/2021 Updated: 29/06/2021
CVSS v2 Base Score: 3.5 | Impact Score: 2.9 | Exploitability Score: 6.8
CVSS v3 Base Score: 5.4 | Impact Score: 2.7 | Exploitability Score: 2.3
VMScore: 312
Vector: AV:N/AC:M/Au:S/C:N/I:P/A:N
Subscribe to Ampache

Vulnerability Summary

Ampache is an open source web based audio/video streaming application and file manager. Due to a lack of input filtering versions 4.x.y are vulnerable to code injection in random.php. The attack requires user authentication to access the random.php page unless the site is running in demo mode. This issue has been resolved in 4.4.3.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

ampache ampache 4.4.2

Github Repositories

https://github.com/dnr6419/CVE-2021-32644

Ampache XSS

CVE-2021-32644 위 취약점은 Ampache 443 이전 버전까지 영향을 주었던 XSS 취약점입니다 nvdnistgov/vuln/detail/CVE-2021-32644 설치 및 실행 순서 1 Ampache 설치 설치를 진행할 때, docker-composeyml 파일에서 포트포워딩을 진행해주시기 바랍니다 현재 설치하는 Ampache 버전은 442 입니다 $docker-compos

References

CWE-79https://github.com/ampache/ampache/security/advisories/GHSA-vqpj-xgw2-r54qhttps://github.com/ampache/ampache/commit/c9453841e1b517a1660c3da1efd1fe5d623c93a5https://nvd.nist.govhttps://github.com/dnr6419/CVE-2021-32644
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3581reflected XSSCVE-2024-26925CVE-2024-27956LFICVE-2024-3607CVE-2024-3107CVE-2024-3295SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook